Security Team

In addition to community-sourced developments, NixOS has a dedicated security team. If the above sources are not enough to answer your question, please reach out to a member of the team listed below.

Security Disclosures

To privately report a security issue with NixOS, Nix, and its ecosystem, please email a member of the NixOS Security Team and we will ensure the issue is handled. Our responses will be signed with our GPG keys.

Sources of Security Information

Security is a priority for the NixOS community. A variety of channels are used to coordinate development in this vein. Three of the main modes of communication about NixOS security are:

The issues tagged "Security" on GitHub/NixOS
The #nixos-security IRC channel on FreeNode
The NixOS security discourse

Members

Graham Christensen, graham@grahamc.com (gchristensen)
GPG Key: 0xFE918C3A98C1030F
GPG Fingerprint: BA94 FDF1 1DA4 0521 2864 C121 FE91 8C3A 98C1 030F
Franz Pletz, fpletz@fnordicwalking.de (fpletz)
GPG Key: 0x846FDED7792617B4
GPG Fingerprint: 8A39 615D CE78 AF08 2E23 F303 846F DED7 7926 17B4
Domen Kožar, domen@dev.si (domenkozar)
GPG Key:0xC2FFBCAFD2C24246
GPG Fingerprint: E96C 15A0 8D17 CE3B 17B0 C7AB C2FF BCAF D2C2 4246
Rob Vermaas - emeritus, rob.vermaas@gmail.com (ikwildrpepper)

Security Team

Security Disclosures

Sources of Security Information

Members

The project

Get in Touch

Contribute

Stay up to date